Chinese Hackers Reportedly Targeted 27 Universities

The cyberattacks focused on universities that either studied underwater technology or had faculty with relevant backgrounds, according to reports.

By Jessica Davis

March 07, 2019

Hackers from China targeted more than two dozen universities in the U.S. and elsewhere in an apparent effort to gain access to maritime military research, according to a report by cybersecurity firm iDefense. The iDefense report was originally obtained and reported on by the Wall Street Journal.

The Chinese hackers used spear phishing techniques when targeting universities, sending emails that appeared to come from partner universities but which unleashed a malicious payload once opened.

The cyberattacks focused on universities that either studied underwater technology or had faculty with relevant backgrounds, according to reports. Universities are often seen as easier cyberattack targets than U.S. military contractors and can still have useful military research.

In its report, iDefense found that 27 universities had been targeted by the hacking group, including the Massachusetts Institute of Technology, the University of Washington, the University of Hawaii and other colleges in Canada and Southeast Asia. The report didn’t name every school, due to ongoing investigations, but anonymous sources told the Wall Street Journal that Penn State and Duke University were two of the other schools targeted.

According to reports, the hacker group has been given various nicknames by security researchers, including Mudcarp or Leviathan. Its connection to the Chinese government is unclear, but analysts believe the Chinese government is a likely sponsor, given that the group seems to target U.S. military data.